Updateres løbende 😉
Jeg har nu testede en Siemens iQ300 for forskellige sikkerhedshuller. Jeg har brugt nmap med disse options: sudo nmap –script vuln (IP)
Starting Nmap 7.93 ( https://nmap.org ) at xxxxxxxxxxx CET Stats: 0:00:25 elapsed; 0 hosts completed (0 up), 0 undergoing Script Pre-Scan
NSE Timing: About 75.00% done; ETC: 14:48 (0:00:08 remaining)
Pre-scan script results:
| broadcast-avahi-dos:
| Discovered hosts:
| 224.0.0.251
| After NULL UDP avahi packet DoS (CVE-2011-1002).
|_ Hosts are all up (not vulnerable).
Nmap scan report for siemens-dishwasher.domaine (IP)
Host is up (0.020s latency).
Not shown: 999 closed tcp ports (reset)
PORT STATE SERVICE
443/tcp open https
|_http-dombased-xss: Couldn’t find any DOM based XSS.
|_http-stored-xss: Couldn’t find any stored XSS vulnerabilities.
|_ssl-ccs-injection: No reply from server (TIMEOUT)
|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
|_http-csrf: Couldn’t find any CSRF vulnerabilities.
|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
MAC Address: 48:26:4C:28:49:xx (Unknown)
nmap -sV –script “ssl-*” -p 443 (IP)
Starting Nmap 7.93 ( https://nmap.org ) at 2025-xx-xx 14:51 CET
NSE: [ssl-ccs-injection] No response from server: EOF
Nmap scan report for siemens-dishwasher (IP)
Host is up (0.069s latency).
PORT STATE SERVICE VERSION
443/tcp open ssl/https?
|_ssl-ccs-injection: No reply from server (TIMEOUT)
|_ssl-date: TLS randomness does not represent time
| ssl-enum-ciphers:
| TLSv1.2:
| ciphers:
| TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) – A
| TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 (secp256r1) – A
| TLS_PSK_WITH_AES_256_CBC_SHA – unknown
| TLS_NULL_WITH_NULL_NULL – F
| compressors:
| NULL
| cipher preference: server
| warnings:
| Anonymous key exchange, score capped at F
|_ least strength: unknown
MAC Address: 48:26:4C:28:49:C6 (Unknown)
nmap -sV -A (IP)
Starting Nmap 7.93 ( https://nmap.org ) at 2025-xxx-xxx xxx CET
Nmap scan report for siemens-dishwasher (ip)
Host is up (0.0068s latency).
Not shown: 999 closed tcp ports (reset)
PORT STATE SERVICE VERSION
443/tcp open ssl/https?
|_ssl-date: TLS randomness does not represent time
MAC Address: 48:26:4C:28:49:xx (Unknown)
No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ). TCP/IP fingerprint:
OS:SCAN(V=7.93%E=4%D=11/24%OT=443%CT=1%CU=36806%PV=Y%DS=1%DC=D%G=Y%M=48264C OS:%TM=69245D20%P=aarch64-unknown-linux -gnu)SEQ(SP=104%GCD=1%ISR=10B%TI=Z%C OS:I=Z%II=I%TS=A)SEQ(II=I)OPS(O1=M5B4ST11NW4%O2=M5B4ST11NW4%O3=M5B4NNT11NW4 OS:%O4=M5B4ST11NW4%O5=M5B4ST11NW4%O6=M5B4ST11)WIN(W1=FE88%W2=FE88%W3=FE88%W OS:4=FE88%W5=FE88%W6=FE88)ECN(R=Y%DF=Y%T=40%W=FAF0%O=M5B4NNSNW4%CC=Y%Q=)ECN OS:R=N)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T1(R=N)T2(R=N)T3(R=N)T4(R=Y%OS:DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%OS:O=%RD=0%Q=)T5(R=N)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=OS:Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T7(R=N)U1(R=Y%DF=N%T=40%IPL=164%UN=0 OS:%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)